Part II: Security and Access

This is Part II of III of NGINX Cookbook. This part will focus on

security aspects and features of NGINX and NGINX Plus, the

licensed version of the NGINX server. Throughout this part, you

will learn the basics about controlling access and limiting abuse and

misuse of your web assets and applications. Security concepts such

as encryption of your web traffic as well as basic HTTP authentica‐

tion will be explained as applicable to the NGINX server. More

advanced topics are covered as well, such as setting up NGINX to

verify authentication via third-party systems as well as through

JSON Web Token Signature validation and integrating with Single

sign-on providers. This part covers some amazing features of

NGINX and NGINX Plus such as securing links for time-limited

access and security as well as enabling Web Application Firewall

capabilities of NGINX Plus with the ModSecurity module. Some of

the plug-and-play modules in this part are only available through

the paid NGINX Plus subscription, however this does not mean that

the core open source NGINX server is not capable of these securi‐

ties.